10963 Berlin, Germany, Gabriele-Tergit-Promenade 21


Data Protection Statement of the HIGHPARK by Palmira hotel

(EU Standard Contractual clauses)

  • About this data protection statement

The protection of your privacy is of the utmost importance to us. As a result, we would like to urgently ask you to read the following summary of how our website www.palmira-hp.com  works.

The data protection statement explained here satisfies the requirements of GDPR and BDSG (German Federal Data Protection Act). It aims to provide you with information about the nature, purpose and use of personal data by the website operator.

Although our website has various safety mechanisms in place, we cannot guarantee the full protection of your data, as gaps in protection on the Internet cannot be ruled out. If you have any concerns regarding the collection of your data, find the relevant contact details at the end of the text.

  • Personal data

The function and communication of our services are reliant on our user’s data. Personal data are highly sensitive – this means all information that can be used to uniquely identify a specific natural person. In accordance with GDPR, we have an obligation to list the entire scope of all such data.

By using our website, the following personal data is collected in accordance with GDPR:

  • First and last name
  • Address
  • Date of birth
  • E-mail address
  • IP address

This data is created when you use the following functions:

  • Comment function
  • Contact form
  • Inquiry forms
  • Newsletter form

We warrant that this data is only used for the functioning, statistical evaluation and improvement of our online content. In accordance with current regulations, this data is only collected for the period for which you use our service. The applicable statutory regulations on data deletion shall be observed.

What data do we collect?
If we need personal data from you to provide you with our services, we will ask you for this data. If, for example, you want to make a reservation for our hotel, we will ask you for information such as your name, address, telephone number, e-mail address, credit card number and for your room preferences so that we can process your reservation. We will use your e-mail address to send you a confirmation and, if required, other information to contact you if this is necessary to process the reservation. You can let us know at any time if you do not wish to receive any e-mails. We need the same information if you wish to purchase a gift voucher or redeem bonus points.

The personally identifiable information that you supply for a reservation is only transmitted to process your reservation enquiry.

Secure transmission and storage of data
We treat all of the information you send us as strictly confidential. Consequently, you are bound by our company’s security procedures and regulations for the protection and use of confidential information. If you enter credit card details, these are sent via an SSL connection (Secured Sockets Layer), as long as you are using an SSL-capable browser such as Microsoft Internet Explorer or Netscape Navigator. This ensures that your data is sent via the Internet only in encrypted form and the security mode is enabled before any such data is sent by your computer.

Once HIGHPARK by Palmira has received the data, the data is stored on a backup server that is protected by firewalls, which prevents unauthorised external access.

Use of other technical equipment to store personal data
Cookies are used on online booking and bonus systems that are not operated directly on our homepage. Cookies are small text files that are stored on your PC which are used with online data entries in databases, for example, to ensure that the entries made are by one and the same user. This shall not involve any personal data belonging to the user being stored, only the IP address. We will under no circumstances do these cookies generate or pass on personal data nor do they create a link to personal data. You can adjust the settings in your browser so that cookies are blocked (see your browser instructions for details of how to adjust these settings). However, note that such settings may mean that you are then unable to use some of the homepage functions.

Events and meetings
If you wish to send a query online or order our brochure to plan meetings, you are required to enter certain personally identifiable data. All personally identifiable data that you send to us, such as your name, postal address, e-mail address and telephone number, is transmitted to HIGHPARK by Palmira over the Internet as an unencrypted e-mail. We treat the information you provide as confidential.

Other websites
HIGHPARK by Palmira is only responsible for the data protection and content of this website. We accept no responsibility for the data protection regulations or the use of cookies on websites from which you obtain access to this website, or from external websites to which you obtain access via this website.

3. How do we collect data?
3.1. Log files
A log file is created as part of an automatic protocol by the processing computer system. This means that information on the device you use is kept as log files on a server.

We also perform a log file analysis. During this, our website provider logs:

  • Access to the website: date, time, frequency
  • How you accessed the website (previous page, hyperlink, etc.)
  • Volume of data transmitted
  • Which browser and version you use
  • Your IP address

The data collected during this process is only used to improve our online content. We or the website provider may only store, publish or subsequently access server log files for a longer period, if this is permitted by law (e.g. suspicion of illegal activity).

This website uses cookies. These are small text files that are placed in your browser history and are used to reconstruct the settings and other changes made at your next visit. Cookies allow us to personalise our service and to make it more user-friendly.
You have the option to block the setting of cookies and to delete existing cookies. However, we must inform you that certain features on the website may no longer work or only with restrictions.

3.3. Newsletter and subscriptions
We send a newsletter to the e-mail addresses we have stored for our users. To do this, we store corresponding e-mail addresses. If you no longer want to receive this, you can unsubscribe from the newsletter at any time. Simply send an e-mail to the following address: info@palmira-hp.com . Your email address will then be immediately removed from the distribution list.

Liability for links
Our website contains links to external third-party websites, over the contents of which we have no influence. We cannot therefore assume liability for this third-party content. The respective provider or operator of the website is always responsible for the content of linked pages. The linked websites were checked at the time of linking for possible legal violations. Illegal content was not detected at the time of linking. Permanent checking of the linked pages is unreasonable without concrete evidence of a violation. If violations are found, we will remove such links immediately.

  • Web analysis services

Google Analytics

This website uses Google Analytics. This server allow us to monitor the use of our website by creating reports and thus to tailor our online content to user demand.
In accordance with the data protection statement, we are required to explain how this service works.
Google Analytics sets its own cookies, which transmit the data collected generally to a server in the USA and store it there.

The data generated by Google Analytics includes:

  • Type of browser and version
  • Operating system you use
  • How long you stay on our website
  • Previously visited website
  • Your IP address

We have also adapted Google Analytics to the applicable statutory regulations on data protection. If you have anonymised your IP address, this is generally truncated before leaving the European Economic Area.
If you would like to disable these cookies, download the browser plug-in available at the following link:
If you do not want Google Analytics to collect any of your data, you can set an opt-out cookie via the following link, which prevents any future information from being collected: https://chrome.google.com/webstore/detail/google-analytics-opt-out/fllaojicojecljbmefodhfapmkghcbnh?hl=en

Further information on how the program works can be found here: https://www.google.de/intl/en_uk/analytics/#?modal_active=none

  • Sharing data with third parties

„In the event of a credit risk (name, address, e-mail address, company details and, if applicable, contract and receivables data), we transmit your data to IHD Gesellschaft für Kredit und Forderungsmanagement mbH, Augustinusstr. 11 B, 50226 Frechen, and, if applicable, to other cooperating business information agencies for the purpose of credit assessment and for checking the deliverability of the specified address and for the purpose of debt collection processing. The legal basis for this transmission are Art 6 I b DSGVO and Art 6 I f DSGVO. Transmissions on the basis of Art 6 I f DSGVO may only take place if this is necessary to safeguard the legitimate interests of our company and does not outweigh the interests or fundamental rights and freedoms of the data subject which require the protection of personal data.

  • Social icons

On our website we offer the option to share content on social networks or via e-mail using external links. If you use these, you will be redirected to the provider’s website and provided with corresponding user information.
If when using our website you are logged into your account on one of these social networks and wish to share our content, this information will be linked to your account. We, as the operator, have no influence on the data transmitted by plug-ins to the corresponding server. In general, the IP address is transferred.
Further information on dealing with your data can be found in the data protection statement of the relevant provider:

Facebook: https://www.facebook.com/policy.php
Google+/ youtube: https://policies.google.com/privacy?hl=en&gl=de
Pinterest: https://policy.pinterest.com/en-gb/privacy-policy
Xing: https://privacy.xing.com/en/privacy-policy
LinkedIn: https://www.linkedin.com/legal/privacy-policy
Tripadvisor: https://tripadvisor.mediaroom.com/UK-privacy-policy

Here you’ll find information about buttons:
Facebook: https://developers.facebook.com/docs/plugins/
Google+/ youtube: https://policies.google.com/privacy?hl=en&gl=de
Pinterest: https://policy.pinterest.com/en-gb/privacy-policy
Xing: https://privacy.xing.com/en/privacy-policy
LinkedIn: https://www.linkedin.com/legal/privacy-policy
Tripadvisor: https://tripadvisor.mediaroom.com/UK-privacy-policy

Data protection statement on use of the Facebook Like button
Below is some important information from High Park Hospitality GmbH for Internet users on data protection in relation to the Facebook Like button. For ease of readability, the term Internet user will be used to refer to both male and female users.
The online content of High Park Hospitality GmbH at www.palmira-hp.com includes plug-ins from the social network Facebook. The social network Facebook is available at www.facebook.com and is operated by Facebook Inc., 1601 South California Avenue, Palo Alto, CA 94304, USA.
A link to the Facebook Inc. server is established automatically when the Internet user accesses a website of High Park Hospitality GmbH on which there is a Like button – without the Internet user clicking the Like button. The plug-in is shown on the website by a notice sent to the Internet user’s browser.
High Park Hospitality GmbH has no influence over nor any knowledge of the extent to which Facebook Inc. collects and/or processes and/or in any way uses the Internet user’s data nor for which purposes. Furthermore, it has no knowledge of whether or not data is passed on to third parties by Facebook Inc. The information below is given to Internet users based on the current knowledge of High Park Hospitality GmbH:
Facebook Inc. receives information on which websites of High Park Hospitality GmbH the Internet user has visited.
If the Internet user is not a registered member of Facebook and has no personal account with Facebook, Facebook may have identified and stored the Internet user’s IP address.

If the Internet user is a registered member of Facebook and is logged into their personal account on facebook.com whilst visiting one of the websites of High Park Hospitality GmbH, Facebook Inc. can assign the website access to the user’s personal account. When using a plug-in function (clicking the Like button, writing a comment), this information is transferred to Facebook Inc. and stored there. Internet users can prevent this by logging out of their personal account on facebook.com before visiting any of the websites of High Park Hospitality GmbH.
It cannot be excluded that Facebook Inc. may use the Internet user’s data to create a user profile or forward this on to a third party.
Internet users can find further information on the collection, processing and use of their data by Facebook in Facebook’s privacy policy. This can be viewed at www.facebook.com.

Google Tag Manager
Google Tag Manager is used to manage our website tags via an interface. The Tag Manager itself is a cookie-free domain that does not collect personal data. The purpose of the tool is to activate tags that can collect data in certain cases.
Google Tag Manager does not access this data. It is possible to obtain further information about this and to disable the service if necessary.

Data protection statement of Google Maps
This website uses the product Google Maps by Google Inc. By using this website you consent to the collection, processing and use of data collected automatically by Google Inc., its representatives and third parties.
Google Maps terms of service can be found at „Google Maps Terms of Service“.

  • Legal basis of the processing

Article 6(1)(a) GDPR serves our company as the legal basis for those processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the fulfilment of a contract whose parties include the data subject, as is the case for example with processing operations necessary for the delivery of goods or the performance of another service or return service, the processing shall be based on Article 6(1)(b) GDPR. The same applies to processing operations necessary to carry out precontractual measures, such as enquires about our products or services. If our company is under a legal obligation by which the processing of personal data is necessary, for example to fulfil tax obligations, this processing shall be based on Article 6(1)(c) GDPR. In rare cases, the processing of personal data may be required to protect the vital interests of the data subject or another natural person. This would for example be the case should a visitor to our company be injured and subsequently his name, age, health insurance details or other vital information need to be shared with a doctor, hospital or other third party. In this case, the processing would be based on Article 6(1)(d) GDPR. Ultimately, the processing operations could be based on Article 6(1)(f) GDPR. Processing operations not covered by any of the previously mentioned legal bases will rest on this legal basis, if the processing is necessary for the protection of a legitimate interest of our business or a third party, provided that this is not outweighed by the interests, fundamental rights and freedoms of the data subject. We are permitted to perform such processing operations in particular because they have been specifically mentioned by the European legislator. The legislator formed the view in this respect that a legitimate interest can be assumed if the data subject is a customer of the controller (Recital 47 Sentence 2 GDPR).

  • Legitimate interests in processing that are pursued by the controller or a third party

If the processing of personal data is based on Article 6(1)(f) of the GDPR, our legitimate interest lies in the performance of our business for the welfare of all our employees and shareholders.

  • Duration for which the personal data will be saved

The storage period for personal data is based on the respective statutory retention period. When this deadline expires, the corresponding data will be routinely deleted provided it is no longer required to fulfil the contract or to initiate a contract.

  • Legal or contractual regulations for the provision of personal data; Necessity for the conclusion of the contract; Obligation of data subject to provide personal data; Possible consequences of non-provision

We hereby inform you that the provision of personal data is in part prescribed by law (e.g. tax regulations) or may arise from contractual regulations (e.g. details of the contracting party). It may, for example for the conclusion of a contract, be necessary for the data subject to provide us with personal data that we must subsequently process. The data subject is for example obliged to provide us with personal data, if our company concludes a contract with them. Non-provision of personal data could result in the contract with the data subject failing to be concluded. Before the data subject provides personal data, they must contact our data protection officer. Our data protection officer will explain to the data subject on an individual case basis whether the provision of personal data is legally or contractually prescribed or necessary for the conclusion of the contract, whether there is an obligation to provide personal data; and what the consequences of non-provision of personal data would be.

  • The existence of an automated decision-making process

As a responsible company we do not use an automated decision-making process or profiling.

  • Your rights

You have rights in relation to the collection of your data. In accordance with the law, we are required to inform you of these rights. You can assert and implement these rights at no cost to you.

Right to cancel
You have the right to withdraw your consent to the collection of data at any time. This right applies with effect for the future; the data collected until your consent is withdrawn remain unaffected.
If you wish to assert your right of withdrawal, send an e-mail to: info@palmira-hp.com

Right to data portability
You have the right to request the transfer of your data from us to another party.

Right to rectification, erasure or blocking
You have the right to rectify, erase or block your data. Blocking can only be carried out if the legal situation does not permit erasure.
To assert this right, send an e-mail to: info@palmira-hp.com

Right of appeal
You have the right to appeal to a supervisory authority or a notified body if you have ground for complaint.

Responsibility for data collection
Please direct any questions, requests for information, complaint or criticism regarding our data protection to the following body:
High Park Hospitality GmbH
Gabriele-Tergit-Promenade 21,
10963 Berlin10719 Berlin
Эл. почта: info@palmira-hp.com

Data protection officer
A data protection officer oversees the correct implementation of data protection. If you have any concerns regarding the processing of your personal data, it is possible to contact the data protection officer directly.
High Park Hospitality GmbH
Gabriele-Tergit-Promenade 21,
10963 Berlin10719 Berlin
Эл. почта: info@palmira-hp.com

  • Amendments to the data protection statement

Severability Clause
Should individual provisions of this data protection declaration be null and void, this shall not affect the legal validity of the remaining provisions. The invalid provision shall be replaced by a valid provision which is practicable in accordance with the meaning of the data protection declaration.

We will update this privacy policy if necessary for legal or factual reasons. Please keep yourself regularly informed about the current status of the declaration.

Here you have the opportunity to view the data information sheet on the duty to provide information pursuant to Art. 13 DSGVO.

Last updated (May 25, 2018).